nightcoder8
diff --git a/‎README.md
Lines changed: 3 additions & 2 deletions b/‎README.md
Lines changed: 3 additions & 2 deletions
diff --git a/‎build/build.xml
Lines changed: 48 additions & 2 deletions b/‎build/build.xml
Lines changed: 48 additions & 2 deletions
diff --git a/‎config/jdklogging.properties
Lines changed: 3 additions & 2 deletions b/‎config/jdklogging.properties
Lines changed: 3 additions & 2 deletions
diff --git a/‎config/log4j.properties
Lines changed: 2 additions & 2 deletions b/‎config/log4j.properties
Lines changed: 2 additions & 2 deletions
diff --git a/‎config/log4j2.xml
Lines changed: 18 additions & 3 deletions b/‎config/log4j2.xml
Lines changed: 18 additions & 3 deletions
diff --git a/‎config/logback.xml
Lines changed: 3 additions & 4 deletions b/‎config/logback.xml
Lines changed: 3 additions & 4 deletions
diff --git a/‎lib/log4j-api-2.0-beta9.jar
-106 KB b/‎lib/log4j-api-2.0-beta9.jar
-106 KB
diff --git a/‎lib/log4j-api-2.3.jar
133 KB b/‎lib/log4j-api-2.3.jar
133 KB
diff --git a/‎lib/log4j-core-2.0-beta9.jar
-665 KB b/‎lib/log4j-core-2.0-beta9.jar
-665 KB
diff --git a/‎lib/log4j-core-2.3.jar
808 KB b/‎lib/log4j-core-2.3.jar
808 KB
@@ -11,7 +11,6 @@ There are also custom handler/appender implementations and config examples for t
 
 This framework contains :
 
-*   Implementation of Splunk CIM(Common Information Model) and best practice logging semantics
 *   java.util.logging handler for logging to Splunk REST endpoints
 *   java.util.logging handler for logging to Splunk Raw TCP Server Socket
 *   java.util.logging handler for logging to Splunk HEC Endpoint
@@ -21,7 +20,9 @@ This framework contains :
 *   Logback appender for logging to Splunk REST endpoints
 *   Logback appender for logging to Splunk Raw TCP Server Socket
 *   Logback appender for logging to Splunk HEC Endpoint
-*   Example logging configuration files
+*   Log4j 2 appender for logging to Splunk HEC Endpoint
+*   Log4j 2 config examples for TCP and UDP logging
+*   Example logging configuration files for all the above
 *   Javadocs
 
 If you want to use UDP to send events to Splunk , then Log4j 1.x and Logback  already have Syslog Appenders.
 
@@ -126,6 +126,52 @@
 		<delete dir="${temp_build}" />
 
 	</target>
+	
+	<target name="build_log4j2" depends="compile"
+		description="generate a log4j2 only distribution">
+		<!-- Create the distribution directory -->
+
+
+		<copy todir="${temp_build}/${lib}">
+			<fileset dir="${lib}"
+				includes="splunk_tlsv12.jar,log4j-api-2.3.jar,log4j-core-2.3.jar,commons*.jar,http*.jar" />
+
+		</copy>
+
+
+
+		<copy todir="${temp_build}/${config}">
+			<fileset dir="${config}" includes="log4j2.xml" />
+		</copy>
+
+
+		<copy todir="${temp_build}/3rdparty_licenses">
+			<fileset dir="3rdparty_licenses" />
+		</copy>
+
+
+		<copy todir="${temp_build}">
+			<fileset file="LICENSE" />
+			<fileset file="README.md" />
+		</copy>
+
+
+		<jar jarfile="${temp_build}/${lib}/${id}-log4j2.jar">
+			<fileset dir="${temp_build}/${classes}"
+				includes="com/splunk/logging/*.class,com/splunk/logging/log4j2/**" />
+
+		</jar>
+
+		<delete dir="${temp_build}/${classes}" />
+
+		<tar destfile="${release}/${id}-log4j2-${version}${suffix}"
+			compression="${compressionType}">
+			<zipfileset dir="${temp_build}" prefix="${id}" />
+		</tar>
+
+		<delete dir="${temp_build}" />
+
+	</target>
 
 	<target name="build_logback" depends="compile"
 		description="generate a logback only distribution">
@@ -134,7 +180,7 @@
 
 		<copy todir="${temp_build}/${lib}">
 			<fileset dir="${lib}"
-				includes="splunk_tlsv12.jar,logback*.jar,commons-lang-2.4.jar" />
+				includes="splunk_tlsv12.jar,logback*.jar,commons*.jar,http*.jar" />
 
 		</copy>
 
@@ -179,7 +225,7 @@
 
 
 		<copy todir="${temp_build}/${lib}">
-			<fileset dir="${lib}" includes="splunk_tlsv12.jar" />
+			<fileset dir="${lib}" includes="splunk_tlsv12.jar,commons*.jar,http*.jar" />
 
 		</copy>
 
 
@@ -1,8 +1,9 @@
-#Example java.util.logging configuration using a Splunk REST Handler  or Splunk Raw TCP Appender
+#Example java.util.logging configuration using a Splunk HEC Handler,Splunk REST Handler  or Splunk Raw TCP Appender
 
 #handlers = java.util.logging.ConsoleHandler
 #handlers = com.splunk.logging.jdk.handler.SplunkRestHandler
-handlers = com.splunk.logging.jdk.handler.SplunkRawTCPHandler
+#handlers = com.splunk.logging.jdk.handler.SplunkRawTCPHandler
+handlers = com.splunk.logging.jdk.handler.SplunkHECHandler
 
 # Set the default logging level for the root logger
 .level = INFO
 
@@ -1,10 +1,10 @@
-#Example log4j configuration using a Splunk REST Appender or Splunk Raw TCP Appender
+#Example log4j configuration using a Splunk HEC Appender, Splunk REST Appender or Splunk Raw TCP Appender
 
 # Root logger option
 log4j.rootLogger=DEBUG,stdout
 
 #Splunk logger
-log4j.logger.splunk.logger=INFO, splunkrest
+log4j.logger.splunk.logger=INFO, splunkhec
 #log4j.logger.splunk.logger=INFO, splunkrawtcp
 log4j.additivity.splunk.logger=false
 
 
@@ -1,12 +1,26 @@
 <?xml version="1.0" encoding="UTF-8"?>
 
-<!--Example log4j2 configuration using a Splunk Raw TCP and UDP Appender -->
+<!--Example log4j2 configuration using a Splunk HEC, Raw TCP and UDP Appender -->
 
 
-<Configuration status="info" name="MySplunkApp" packages="">
+<Configuration status="info" name="MySplunkApp" packages="com.splunk.logging.log4j2.appender">
 
 	<Appenders>
 
+	    <SplunkHECAppender name="splunkhec" 
+	                       token="YOUR TOKEN" 
+	                       host="somehost" 
+	                       port="8088" 
+	                       https="false" 
+	                       poolsize="1" 
+	                       index="main" 
+	                       source="foo" 
+	                       sourcetype="bar" >
+	                       
+	        <PatternLayout pattern="%m%n" /> 
+	         
+	    </SplunkHECAppender> 
+	    
 		<Socket name="splunkrawtcp" protocol="TCP" host="ubuntu-splunk"
 			port="5151">
 			<PatternLayout pattern="%m%n" />
@@ -35,7 +49,8 @@
 			<AppenderRef ref="stdout" />
 		</Root>
 		<logger name="splunk.logger" additivity="false" level="INFO">
-			<appender-ref ref="splunkrawtcp" />
+			<appender-ref ref="splunkhec" />
+			<!-- <appender-ref ref="splunkrawtcp" /> -->
 			<!-- <appender-ref ref="splunkrawudp" /> -->
 			<!-- <appender-ref ref="failover_example" /> -->
 		</logger>
 
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 
-<!--Example logback configuration using a Splunk REST Appender  or Splunk Raw TCP Appender -->
+<!--Example logback configuration using a Splunk HEC Appender, Splunk REST Appender  or Splunk Raw TCP Appender -->
 
 <configuration>
 
@@ -41,7 +41,7 @@
   </appender>
 
 <!--Send log events to a Splunk HEC Endpoint-->
-  <appender name="splunkrawtcp" class="com.splunk.logging.logback.appender.SplunkHECAppender">
+  <appender name="splunkhec" class="com.splunk.logging.logback.appender.SplunkHECAppender">
     <port>8088</port>
     <host>somehost</host>
     <token>YOUR TOKEN</token>
@@ -71,8 +71,7 @@
 
 <!--Splunk logger-->
   <logger name="splunk.logger" additivity="false" level="INFO">
-    <appender-ref ref="splunkrest"/>
-     <appender-ref ref="splunkrawtcp"/>
+     <appender-ref ref="splunkhec"/>
   </logger>
 
 <!--Root logger-->